Privacy Policy

Privacy Policy

Last updated: 09/05/2026

I. Data Controller

The controller of personal data is AVEMTO, located at:

Calle Baleares 4
38670 Costa Adeje
Santa Cruz de Tenerife
Spain

Contact regarding personal data protection:
info@avemto.com

The Administrator makes every effort to ensure the security of users’ personal data in accordance with applicable laws, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”) and Spanish legislation.

II. Purpose and Scope of Personal Data Processing

Using the website www.avemto.com may involve the processing of the user’s personal data to the extent necessary for the provision of services, reservation processing, and proper operation of the website.

Personal data may be processed in particular for the following purposes:

1. Account Registration and Service Fulfillment

In connection with the use of the website, we may process data such as:

  • full name,

  • e-mail address,

  • phone number,

  • billing address,

  • reservation details,

  • payment-related information,

  • order history,

  • information submitted through contact forms or messages.

The data is processed for the purpose of:

  • creating and managing the user account,

  • processing reservations and orders,

  • contacting the user regarding provided services,

  • payment processing,

  • customer support,

  • compliance with legal obligations.

2. Contact with the User

If the user contacts us via contact form, e-mail or telephone, we process the data necessary to respond and continue communication regarding the relevant matter.

3. Marketing and Newsletter

With the user’s consent, we may send marketing information, promotions, special offers or newsletters.

Consent may be withdrawn at any time by contacting:
info@avemto.com

4. Security and Proper Functioning of the Website

Technical data and information regarding user activity may be processed for the purpose of:

  • ensuring website security,

  • detecting abuse,

  • protection against unauthorized access,

  • conducting technical statistics,

  • improving website functionality.

III. Technical and Operational Data

While using the website, technical data may be automatically collected, such as:

  • IP address,

  • device type,

  • browser type,

  • operating system,

  • device language,

  • date and time of connection,

  • session information.

This data is used exclusively for technical, security and website operation purposes.

IV. Mobile Devices and Mobile Website Version

When using the mobile version of the website, we may process technical device data such as device type, operating system, language settings or browser information in order to ensure proper website operation and adapt content to the user’s device.

With the user’s consent, location data may also be processed to adapt offers to the user’s location. Location services can be disabled in the device or browser settings.

V. Legal Basis for Data Processing

Personal data is processed on the basis of:

  • Article 6(1)(a) GDPR – user consent,

  • Article 6(1)(b) GDPR – performance of a contract or actions prior to entering into a contract,

  • Article 6(1)(c) GDPR – legal obligations of the controller,

  • Article 6(1)(f) GDPR – legitimate interest of the controller.

The legitimate interest of the controller includes, among others:

  • ensuring website security,

  • protection against abuse,

  • establishment or defense of legal claims,

  • development and optimization of the website,

  • user support.

VI. Sharing of Personal Data

Personal data may be shared only with entities necessary for the provision of services, in particular:

  • payment operators,

  • IT and hosting service providers,

  • technology partners,

  • attraction and tour organizers,

  • transport providers,

  • tourism service providers,

  • accounting or legal service providers,

  • public authorities when required by law.

AVEMTO does not sell users’ personal data to third parties.

VII. Transfer of Data Outside the European Economic Area

In some cases, data may be transferred outside the European Economic Area if necessary for the provision of services or the use of technological tools cooperating with the website.

In such cases, the Administrator applies appropriate safeguards required by GDPR, including standard contractual clauses approved by the European Commission.

VIII. Data Retention Period

Personal data is stored only for the period necessary to achieve the purposes of processing, in particular:

  • for the duration of service provision and user account maintenance,

  • for the period required by tax and accounting regulations,

  • until the limitation period for potential claims expires,

  • until consent is withdrawn in the case of marketing activities.

After the required retention periods expire, the data is deleted or anonymized.

IX. Data Security

The Administrator applies appropriate technical and organizational measures to ensure the protection of personal data, including in particular:

  • SSL/TLS encryption,

  • access control,

  • server security measures,

  • limitation of access to data,

  • regular updates of systems and software.

X. User Rights

The user has the right to:

  • access their personal data,

  • rectify data,

  • delete data,

  • restrict processing,

  • object to processing,

  • data portability,

  • withdraw consent,

  • lodge a complaint with the competent data protection authority.

To exercise these rights, the user may contact:
info@avemto.com

The Administrator responds without undue delay, no later than within 30 days.

XI. Minors’ Data

The website is not intended for persons under 14 years of age without the consent of a parent or legal guardian.

XII. Automated Decision-Making

The Administrator does not make decisions producing legal effects concerning users based solely on automated processing, including profiling.

XIII. Links to External Websites

The website may contain links to third-party websites. The Administrator is not responsible for the privacy policies applicable on those websites.

XIV. Changes to the Privacy Policy

The Administrator reserves the right to update this Privacy Policy in the event of changes in legislation, technology or website functionality.

The current version of the document is published on www.avemto.com.

XV. Contact

Any questions regarding personal data protection should be sent to:

info@avemto.com

AVEMTO
Calle Baleares 4
38670 Costa Adeje
Santa Cruz de Tenerife
Spain